Description

if (! preg_match('/^[a-zA-Z0-9-]+$/', $name)) { is plain wrong according to the RFC a lot of characters are missing e.g _ is one of them...

rfc2616
HTTP header fields, which include general-header (section 4.5), request-header (section 5.3), response-header (section 6.2), and entity-header (section 7.1) fields, follow the same generic format as that given in Section 3.1 of RFC 822 [9]. Each header field consists of a name followed by a colon (":") and the field value

rfc822
field = field-name ":" [ field-body ] CRLF
field-name = 1*

Comments

Posted by Shahar Evron (shahar) on 2009-07-23T16:16:51.000+0000

Hi,

I can easily fix this of course but just out of curiosity, have you encountered any problems or is this just for being RFC-like sake?

Thanks,

Shahar.

Posted by Shahar Evron (shahar) on 2009-07-24T04:25:46.000+0000

We might want to consider "reversing" the fix for ZF-2019 (rev. 6648) if we change this

Posted by Shahar Evron (shahar) on 2009-07-24T04:36:28.000+0000

BTW it looks like there is some ambiguity - while Zend_Http_Client does wrong validation anyway, RFC 2616 states both that, as you mentioned, headers should follow the RFC 822 definition - but also at the same place defines: